July 11, 2024 at 01:54AM Multiple threat actors are exploiting a recently disclosed security flaw in PHP (CVE-2024-4577) to deliver remote access trojans, cryptocurrency miners, and DDoS botnets. Users are advised to update their PHP installations. Additionally, DDoS attacks increased 20% year-over-year, with China being the most targeted country. Follow for more exclusive content. Based … Read more
June 12, 2024 at 11:50AM TellYouThePass, a ransomware group, is targeting businesses and individuals using open source Web development languages, exploiting a critical PHP vulnerability (CVE-2024-4577) for remote code execution. This allows them to execute arbitrary code on vulnerable servers, posing significant risks. They also use various attack techniques and exploit known vulnerabilities such as … Read more
June 11, 2024 at 10:28AM TellYouThePass ransomware gang has swiftly exploited the critical CVE-2024-4577 vulnerability in PHP, despite a recent patch. Using publicly available exploit code, they deploy webshells and execute an encryptor payload. By injecting a ransomware variant into memory, they demand 0.1 BTC for decryption. Over 450,000 exposed PHP servers could be vulnerable. … Read more
June 7, 2024 at 10:39AM A new PHP RCE vulnerability, CVE-2024-4577, impacts Windows PHP versions since 5.x. With a patch released, updating large-scale deployments poses challenges, leaving systems vulnerable. Exploiting ‘Best-Fit’ encoding on Windows, it bypasses prior protections. Mitigations include upgrading to patched versions, applying mod_rewrite rules, or migrating from CGI to FastCGI, PHP-FPM, or … Read more